feat: introduce TxTemplate as an intermediate stage

[evanlinjin]

Description

Closes #57.

The transaction-building API had grown awkward, and a revisit traced the awkwardness back to how anti-fee-sniping (AFS) was bolted on. The concrete symptoms:

• Non-AFS callers paid for AFS. Enabling AFS to live inside create_psbt meant everyone had to reckon with two extra error variants and an extra input, whether or not they used the feature.
• AFS was filed under the wrong concept. AFS isn't a PSBT concern at all — it's just logic that decides a transaction's locktime and input sequences. It had no business living inside PSBT creation.
• PsbtParams was doing two jobs. It carried both bitcoin-transaction-shape fields (version, min_locktime, sequence) and PSBT-specific emission options. Because AFS depended on those tx-shape fields, it was structurally pinned inside the PSBT step and couldn't move out.

The right place for AFS is before PSBT creation — it decides tx fields, then those feed into emission. That mirrors Bitcoin Core, where DiscourageFeeSniping runs as a step before the transaction is built. But AFS couldn't be moved without first untangling the tx-shape fields from PsbtParams — i.e. an architectural change, not a local one.

This PR introduces that change: a TxTemplate stage that sits between Selector and Psbt and owns the fully-resolved tx shape (version, locktime, fallback sequence, per-input sequence, ordering).

Selector::try_finalize() → TxTemplate → SealedTxTemplate → (Psbt, Finalizer) | Transaction

What this buys us:

• Concerns are separated. Tx-shape decisions live on TxTemplate; BuildPsbtParams is now emission-only. AFS becomes one chainable step on TxTemplate (apply_anti_fee_sniping) that just drives the same public setters anyone else would — it is no longer privileged.
• Non-AFS callers stop paying for AFS. The extra error variants and input are gone from the common path.
• AFS can't be silently undone. Because AFS is the terminal shaping step, apply_anti_fee_sniping consumes the TxTemplate and returns a SealedTxTemplate that exposes only reads and emission — no setters. The type system now guarantees nobody changes the version/locktime/sequence/ordering after AFS has pinned them. TxTemplate Derefs to SealedTxTemplate, so the shared read/emit surface isn't duplicated, and the two-type split maps cleanly onto an FFI boundary (where a type-state generic could not).
• Callers who don't want a PSBT aren't forced into one. Both TxTemplate and SealedTxTemplate can emit a bitcoin::Transaction directly, and PSBT v2 support (#48) now has an obvious home as a future build_psbt_v2() — same construction logic, different emit step.

A secondary win: with build_psbt no longer needing an RNG, the library drops its rand dependency (only rand_core's RngCore trait remains).

Notes to the reviewers

Commits (each is a self-contained, reviewable step):

1. refactor!: rename Selection to TxTemplate — pure rename, no behaviour change. Sets up commit 2.
2. feat(tx-template)!: route tx-shape decisions through TxTemplate — the meat. Adds the resolved tx-shape fields and their validating setters, splits PsbtParams → emission-only params, makes PSBT emission return (Psbt, Finalizer), and turns AFS into a chainable pre-PSBT step. Closes Introduce TxTemplate as a state between Selection and Psbt #57.
3. refactor!: drop rand dependency from the library — moves rand to dev-deps now that emission no longer needs it.
4. refactor: rename create_psbt to build_psbt and extract its types — settles on the "build" verb so the method, params, and error agree (build_psbt / BuildPsbtParams / BuildPsbtError), and moves those types into their own build_psbt module.
5. feat(tx-template)!: seal TxTemplate into SealedTxTemplate after anti-fee-sniping — makes AFS terminal. apply_anti_fee_sniping now consumes the template and returns a mutator-free SealedTxTemplate; TxTemplate wraps it and derefs for the read/emit surface.
6. feat: Add single_random_draw selection algorithm — a selection_algorithm_single_random_draw that shuffles candidates with a caller-supplied RNG and selects until the target is met; randomness lives at the selection step so candidate construction stays deterministic.
7. feat: Add InputCandidates::push_must_select / push_can_select — incremental builders to extend an InputCandidates after construction (with outpoint de-duplication).

Two implementation points worth a look:

• AFS mutates the template in place through a small free helper (apply_anti_fee_sniping(&mut TxTemplate, …)), and the public TxTemplate::apply_anti_fee_sniping method does the sealing. The helper drives set_locktime_in_place / Input::set_sequence and .expect()s the results. The expects hold by construction: the locktime path only fires when afs_locktime >= current (both height-based, since AFS early-rejects time-based inputs), so the unit + ≥-CLTV checks always pass; the sequence path only touches taproot inputs without a relative timelock, so the CSV/CLTV-disable check can't fail. Worth a second pair of eyes on whether those invariants really are total.
• TxTemplate::from_parts is pub(crate) — external users construct via Selector / InputCandidates. If hand-rolling a TxTemplate becomes a common ask, exposing it is a one-line change.

Out of scope:

• no_std. Blocked on a bdk_coin_select release: fix: add conditional FloatExt import for no_std builds coin-select#37 is merged but unreleased. Follow-up once 0.4.2 lands.
• PSBT v2. Accommodated by the design (see above) but not implemented here.

Changelog notice

• Renamed Selection to TxTemplate, now the single workspace for transaction shaping (version, locktime, fallback sequence, per-input sequence, ordering, anti-fee-sniping, emission).
• Selector::try_finalize now returns Option<TxTemplate>; InputCandidates::into_selection is now into_tx_template, returning Result<TxTemplate, IntoTxTemplateError> (was IntoSelectionError).
• Split PsbtParams into BuildPsbtParams (emission-only). Tx-shape options moved to TxTemplate setters: set_version, set_locktime, set_fallback_sequence, apply_anti_fee_sniping.
• Anti-fee-sniping is now terminal: apply_anti_fee_sniping consumes the TxTemplate and returns a new SealedTxTemplate that exposes only reads and emission, so the tx shape cannot be mutated after AFS. TxTemplate derefs to SealedTxTemplate.
• PSBT emission is build_psbt (renamed from create_psbt) and returns (Psbt, Finalizer); its params/error are BuildPsbtParams / BuildPsbtError. shuffle_inputs is now consuming (returns Self).
• Behaviour change: previously-silent locktime handling is now explicit. A wrong-unit min_locktime was silently ignored and a below-CLTV value silently clamped; set_locktime now returns SetLockTimeError::UnitMismatch / BelowInputCltv, and set_version returns SetVersionError::RelativeTimelockRequiresV2. The hardcoded ENABLE_RBF_NO_LOCKTIME fallback sequence is now configurable via set_fallback_sequence (default unchanged).
• Added selection_algorithm_single_random_draw (single-random-draw coin selection, RNG supplied at the selection step) and InputCandidates::push_must_select / push_can_select for extending candidates after construction.
• The library no longer depends on rand (only rand_core, for the RngCore trait).

Before submitting

• I followed the contribution guidelines
• This PR breaks the existing API